github.com/nextcloud/nextcloud.com.git
author: Lukas Reschke <lukas@statuscode.ch>, 2021-05-28 11:13:28 +0300
committer: GitHub <noreply@github.com>, 2021-05-28 11:13:28 +0300
commit: fd5fa561389b1e72ddc966e6f575ddfb46072c67
tree: 7023ee8f11382ac4ff72d312f7b1bcb77b719c0a /page-storage.php
parent: 32f5772c9fdd641ba68112dbf29074fe05758c43
Fix several security concerns (#1471)

* Use REMOTE_ADDR field

  The other ones are not used at all. This would allow someone to spoof the configured IP address and bypass any rate limit.

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

* Add basic ratelimiting class

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

* Remove Mautic submission form

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

* Replace captcha with ratelimiter

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

* Space + tabs

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

* Don't check if no REDIS is defined in config

  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Diffstat (limited to 'page-storage.php')
-rw-r--r-- page-storage.php 17
1 files changed, 0 insertions, 17 deletions
diff --git a/page-storage.php b/page-storage.php
index 2ed078ce..17f9abae 100644
--- a/page-storage.php
+++ b/page-storage.php
@@ -1,12 +1,5 @@
<head>
<link href="<?php echo get_template_directory_uri(); ?>/assets/css/pages/storage.css?v=1" rel="stylesheet">
-<!--<script src="https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit" async defer></script>
-<script type="text/javascript">
- var CaptchaCallback = function() {
- grecaptcha.render('RecaptchaField1', {'sitekey' : '<?php echo RECAPTCHA_SITEKEY; ?>'});
- grecaptcha.render('RecaptchaField2', {'sitekey' : '<?php echo RECAPTCHA_SITEKEY; ?>'});
- };
-</script>-->
<meta itemprop="image" content="<?php echo get_template_directory_uri(); ?>/assets/img/features/externalstorage.png">
<meta name="twitter:image" content="<?php echo get_template_directory_uri(); ?>/assets/img/features/externalstorage.png">
<meta name="twitter:image:src" content="<?php echo get_template_directory_uri(); ?>/assets/img/features/externalstorage.png">
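Review bot: The removed block at the top of `<head>` was wrapped in an HTML comment, but the `<?php echo RECAPTCHA_SITEKEY; ?>` calls inside it were still evaluated server-side, so the constant had to remain defined for this template to render. If no other template references `RECAPTCHA_SITEKEY` after this change, remove its definition from the configuration as well so an unused key does not linger there.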
@@ -44,11 +37,6 @@
<h2><?php echo $l->t('Windows Network Drive');?></h2>
<form name="whitepaper" method="post" action="<?php echo home_url('whitepaper-submit') ?>">
<p><label for="email"><?php echo $l->t('Download our free Windows Network Drive datasheet');?><br>
- <td colspan="2" style="text-align:center">
- <div class="">
- <div id="RecaptchaField1"></div>
- </div>
- </td>
<input type="hidden" name="segmentId" value="8">
<input type="hidden" name="firstname" value="">
<input type="hidden" name="requesttime" value="<?php echo time(); ?>">
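Review bot: With `RecaptchaField1` removed, the only anti-automation hint left in this form is the hidden `requesttime` field in the trailing context, and that value is client-supplied and can be posted with any content. Please confirm that the `whitepaper-submit` handler applies the new rate limiter before doing any other work and treats `requesttime` and `segmentId` as untrusted input; checking `segmentId` against a server-side allow-list would be a sensible addition. The removed `<td>` sat directly inside a `<p><label>` with no table around it, so dropping it also cleans up invalid markup.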
@@ -107,11 +95,6 @@
<h2><?php echo $l->t('SharePoint Integration');?></h2>
<form name="whitepaper" method="post" action="<?php echo home_url('whitepaper-submit') ?>">
<p><label for="email"><?php echo $l->t('Download our free datasheet on SharePoint as External Storage');?><br>
- <td colspan="2" style="text-align:center">
- <div class="">
- <div id="RecaptchaField2"></div>
- </div>
- </td>
<input type="hidden" name="segmentId" value="9">
<input type="hidden" name="firstname" value="">
<input type="hidden" name="requesttime" value="<?php echo time(); ?>">
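Review bot: This form posts to the same `whitepaper-submit` endpoint as the Windows Network Drive form and differs only in `segmentId` (9 versus 8), so the limiter that replaces `RecaptchaField2` should count per client address across both forms and not per `segmentId`, otherwise one client gets a separate budget for each datasheet. The commit message also says the check is not performed when no Redis is defined in the config; if that leaves these forms with neither captcha nor limit in such a deployment, please document it or make the handler fail closed.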